File: /usr/src/linux/net/ipv6/tcp_ipv6.c
1 /*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * $Id: tcp_ipv6.c,v 1.138 2001/09/01 00:31:50 davem Exp $
9 *
10 * Based on:
11 * linux/net/ipv4/tcp.c
12 * linux/net/ipv4/tcp_input.c
13 * linux/net/ipv4/tcp_output.c
14 *
15 * Fixes:
16 * Hideaki YOSHIFUJI : sin6_scope_id support
17 *
18 * This program is free software; you can redistribute it and/or
19 * modify it under the terms of the GNU General Public License
20 * as published by the Free Software Foundation; either version
21 * 2 of the License, or (at your option) any later version.
22 */
23
24 #define __NO_VERSION__
25 #include <linux/module.h>
26 #include <linux/config.h>
27 #include <linux/errno.h>
28 #include <linux/types.h>
29 #include <linux/socket.h>
30 #include <linux/sockios.h>
31 #include <linux/net.h>
32 #include <linux/sched.h>
33 #include <linux/in.h>
34 #include <linux/in6.h>
35 #include <linux/netdevice.h>
36 #include <linux/init.h>
37 #include <linux/ipsec.h>
38
39 #include <linux/ipv6.h>
40 #include <linux/icmpv6.h>
41 #include <linux/random.h>
42
43 #include <net/tcp.h>
44 #include <net/ndisc.h>
45 #include <net/ipv6.h>
46 #include <net/transp_v6.h>
47 #include <net/addrconf.h>
48 #include <net/ip6_route.h>
49 #include <net/inet_ecn.h>
50
51 #include <asm/uaccess.h>
52
53 static void tcp_v6_send_reset(struct sk_buff *skb);
54 static void tcp_v6_or_send_ack(struct sk_buff *skb, struct open_request *req);
55 static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len,
56 struct sk_buff *skb);
57
58 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
59 static int tcp_v6_xmit(struct sk_buff *skb);
60
61 static struct tcp_func ipv6_mapped;
62 static struct tcp_func ipv6_specific;
63
64 /* I have no idea if this is a good hash for v6 or not. -DaveM */
65 static __inline__ int tcp_v6_hashfn(struct in6_addr *laddr, u16 lport,
66 struct in6_addr *faddr, u16 fport)
67 {
68 int hashent = (lport ^ fport);
69
70 hashent ^= (laddr->s6_addr32[3] ^ faddr->s6_addr32[3]);
71 hashent ^= hashent>>16;
72 hashent ^= hashent>>8;
73 return (hashent & (tcp_ehash_size - 1));
74 }
75
76 static __inline__ int tcp_v6_sk_hashfn(struct sock *sk)
77 {
78 struct in6_addr *laddr = &sk->net_pinfo.af_inet6.rcv_saddr;
79 struct in6_addr *faddr = &sk->net_pinfo.af_inet6.daddr;
80 __u16 lport = sk->num;
81 __u16 fport = sk->dport;
82 return tcp_v6_hashfn(laddr, lport, faddr, fport);
83 }
84
85 /* Grrr, addr_type already calculated by caller, but I don't want
86 * to add some silly "cookie" argument to this method just for that.
87 * But it doesn't matter, the recalculation is in the rarest path
88 * this function ever takes.
89 */
90 static int tcp_v6_get_port(struct sock *sk, unsigned short snum)
91 {
92 struct tcp_bind_hashbucket *head;
93 struct tcp_bind_bucket *tb;
94 int ret;
95
96 local_bh_disable();
97 if (snum == 0) {
98 int low = sysctl_local_port_range[0];
99 int high = sysctl_local_port_range[1];
100 int remaining = (high - low) + 1;
101 int rover;
102
103 spin_lock(&tcp_portalloc_lock);
104 rover = tcp_port_rover;
105 do { rover++;
106 if ((rover < low) || (rover > high))
107 rover = low;
108 head = &tcp_bhash[tcp_bhashfn(rover)];
109 spin_lock(&head->lock);
110 for (tb = head->chain; tb; tb = tb->next)
111 if (tb->port == rover)
112 goto next;
113 break;
114 next:
115 spin_unlock(&head->lock);
116 } while (--remaining > 0);
117 tcp_port_rover = rover;
118 spin_unlock(&tcp_portalloc_lock);
119
120 /* Exhausted local port range during search? */
121 ret = 1;
122 if (remaining <= 0)
123 goto fail;
124
125 /* OK, here is the one we will use. */
126 snum = rover;
127 tb = NULL;
128 } else {
129 head = &tcp_bhash[tcp_bhashfn(snum)];
130 spin_lock(&head->lock);
131 for (tb = head->chain; tb != NULL; tb = tb->next)
132 if (tb->port == snum)
133 break;
134 }
135 if (tb != NULL && tb->owners != NULL) {
136 if (tb->fastreuse != 0 && sk->reuse != 0 && sk->state != TCP_LISTEN) {
137 goto success;
138 } else {
139 struct sock *sk2 = tb->owners;
140 int sk_reuse = sk->reuse;
141 int addr_type = ipv6_addr_type(&sk->net_pinfo.af_inet6.rcv_saddr);
142
143 /* We must walk the whole port owner list in this case. -DaveM */
144 for( ; sk2 != NULL; sk2 = sk2->bind_next) {
145 if (sk != sk2 &&
146 sk->bound_dev_if == sk2->bound_dev_if) {
147 if (!sk_reuse ||
148 !sk2->reuse ||
149 sk2->state == TCP_LISTEN) {
150 /* NOTE: IPv6 tw bucket have different format */
151 if (!sk2->rcv_saddr ||
152 addr_type == IPV6_ADDR_ANY ||
153 !ipv6_addr_cmp(&sk->net_pinfo.af_inet6.rcv_saddr,
154 sk2->state != TCP_TIME_WAIT ?
155 &sk2->net_pinfo.af_inet6.rcv_saddr :
156 &((struct tcp_tw_bucket*)sk)->v6_rcv_saddr) ||
157 (addr_type==IPV6_ADDR_MAPPED && sk2->family==AF_INET &&
158 sk->rcv_saddr==sk2->rcv_saddr))
159 break;
160 }
161 }
162 }
163 /* If we found a conflict, fail. */
164 ret = 1;
165 if (sk2 != NULL)
166 goto fail_unlock;
167 }
168 }
169 ret = 1;
170 if (tb == NULL &&
171 (tb = tcp_bucket_create(head, snum)) == NULL)
172 goto fail_unlock;
173 if (tb->owners == NULL) {
174 if (sk->reuse && sk->state != TCP_LISTEN)
175 tb->fastreuse = 1;
176 else
177 tb->fastreuse = 0;
178 } else if (tb->fastreuse &&
179 ((sk->reuse == 0) || (sk->state == TCP_LISTEN)))
180 tb->fastreuse = 0;
181
182 success:
183 sk->num = snum;
184 if (sk->prev == NULL) {
185 if ((sk->bind_next = tb->owners) != NULL)
186 tb->owners->bind_pprev = &sk->bind_next;
187 tb->owners = sk;
188 sk->bind_pprev = &tb->owners;
189 sk->prev = (struct sock *) tb;
190 } else {
191 BUG_TRAP(sk->prev == (struct sock *) tb);
192 }
193 ret = 0;
194
195 fail_unlock:
196 spin_unlock(&head->lock);
197 fail:
198 local_bh_enable();
199 return ret;
200 }
201
202 static __inline__ void __tcp_v6_hash(struct sock *sk)
203 {
204 struct sock **skp;
205 rwlock_t *lock;
206
207 BUG_TRAP(sk->pprev==NULL);
208
209 if(sk->state == TCP_LISTEN) {
210 skp = &tcp_listening_hash[tcp_sk_listen_hashfn(sk)];
211 lock = &tcp_lhash_lock;
212 tcp_listen_wlock();
213 } else {
214 skp = &tcp_ehash[(sk->hashent = tcp_v6_sk_hashfn(sk))].chain;
215 lock = &tcp_ehash[sk->hashent].lock;
216 write_lock(lock);
217 }
218
219 if((sk->next = *skp) != NULL)
220 (*skp)->pprev = &sk->next;
221 *skp = sk;
222 sk->pprev = skp;
223 sock_prot_inc_use(sk->prot);
224 write_unlock(lock);
225 }
226
227
228 static void tcp_v6_hash(struct sock *sk)
229 {
230 if(sk->state != TCP_CLOSE) {
231 if (sk->tp_pinfo.af_tcp.af_specific == &ipv6_mapped) {
232 tcp_prot.hash(sk);
233 return;
234 }
235 local_bh_disable();
236 __tcp_v6_hash(sk);
237 local_bh_enable();
238 }
239 }
240
241 static struct sock *tcp_v6_lookup_listener(struct in6_addr *daddr, unsigned short hnum, int dif)
242 {
243 struct sock *sk;
244 struct sock *result = NULL;
245 int score, hiscore;
246
247 hiscore=0;
248 read_lock(&tcp_lhash_lock);
249 sk = tcp_listening_hash[tcp_lhashfn(hnum)];
250 for(; sk; sk = sk->next) {
251 if((sk->num == hnum) && (sk->family == PF_INET6)) {
252 struct ipv6_pinfo *np = &sk->net_pinfo.af_inet6;
253
254 score = 1;
255 if(!ipv6_addr_any(&np->rcv_saddr)) {
256 if(ipv6_addr_cmp(&np->rcv_saddr, daddr))
257 continue;
258 score++;
259 }
260 if (sk->bound_dev_if) {
261 if (sk->bound_dev_if != dif)
262 continue;
263 score++;
264 }
265 if (score == 3) {
266 result = sk;
267 break;
268 }
269 if (score > hiscore) {
270 hiscore = score;
271 result = sk;
272 }
273 }
274 }
275 if (result)
276 sock_hold(result);
277 read_unlock(&tcp_lhash_lock);
278 return result;
279 }
280
281 /* Sockets in TCP_CLOSE state are _always_ taken out of the hash, so
282 * we need not check it for TCP lookups anymore, thanks Alexey. -DaveM
283 *
284 * The sockhash lock must be held as a reader here.
285 */
286
287 static inline struct sock *__tcp_v6_lookup_established(struct in6_addr *saddr, u16 sport,
288 struct in6_addr *daddr, u16 hnum,
289 int dif)
290 {
291 struct tcp_ehash_bucket *head;
292 struct sock *sk;
293 __u32 ports = TCP_COMBINED_PORTS(sport, hnum);
294 int hash;
295
296 /* Optimize here for direct hit, only listening connections can
297 * have wildcards anyways.
298 */
299 hash = tcp_v6_hashfn(daddr, hnum, saddr, sport);
300 head = &tcp_ehash[hash];
301 read_lock(&head->lock);
302 for(sk = head->chain; sk; sk = sk->next) {
303 /* For IPV6 do the cheaper port and family tests first. */
304 if(TCP_IPV6_MATCH(sk, saddr, daddr, ports, dif))
305 goto hit; /* You sunk my battleship! */
306 }
307 /* Must check for a TIME_WAIT'er before going to listener hash. */
308 for(sk = (head + tcp_ehash_size)->chain; sk; sk = sk->next) {
309 if(*((__u32 *)&(sk->dport)) == ports &&
310 sk->family == PF_INET6) {
311 struct tcp_tw_bucket *tw = (struct tcp_tw_bucket *)sk;
312 if(!ipv6_addr_cmp(&tw->v6_daddr, saddr) &&
313 !ipv6_addr_cmp(&tw->v6_rcv_saddr, daddr) &&
314 (!sk->bound_dev_if || sk->bound_dev_if == dif))
315 goto hit;
316 }
317 }
318 read_unlock(&head->lock);
319 return NULL;
320
321 hit:
322 sock_hold(sk);
323 read_unlock(&head->lock);
324 return sk;
325 }
326
327
328 static inline struct sock *__tcp_v6_lookup(struct in6_addr *saddr, u16 sport,
329 struct in6_addr *daddr, u16 hnum,
330 int dif)
331 {
332 struct sock *sk;
333
334 sk = __tcp_v6_lookup_established(saddr, sport, daddr, hnum, dif);
335
336 if (sk)
337 return sk;
338
339 return tcp_v6_lookup_listener(daddr, hnum, dif);
340 }
341
342 #define tcp_v6_lookup(sa, sp, da, dp, dif) \
343 ({ struct sock *___sk; \
344 local_bh_disable(); \
345 ___sk = __tcp_v6_lookup((sa),(sp),(da),ntohs(dp),(dif)); \
346 local_bh_enable(); \
347 ___sk; \
348 })
349
350
351 /*
352 * Open request hash tables.
353 */
354
355 static __inline__ unsigned tcp_v6_synq_hash(struct in6_addr *raddr, u16 rport)
356 {
357 unsigned h = raddr->s6_addr32[3] ^ rport;
358 h ^= h>>16;
359 h ^= h>>8;
360 return h&(TCP_SYNQ_HSIZE-1);
361 }
362
363 static struct open_request *tcp_v6_search_req(struct tcp_opt *tp,
364 struct ipv6hdr *ip6h,
365 struct tcphdr *th,
366 int iif,
367 struct open_request ***prevp)
368 {
369 struct tcp_listen_opt *lopt = tp->listen_opt;
370 struct open_request *req, **prev;
371 __u16 rport = th->source;
372
373 for (prev = &lopt->syn_table[tcp_v6_synq_hash(&ip6h->saddr, rport)];
374 (req = *prev) != NULL;
375 prev = &req->dl_next) {
376 if (req->rmt_port == rport &&
377 req->class->family == AF_INET6 &&
378 !ipv6_addr_cmp(&req->af.v6_req.rmt_addr, &ip6h->saddr) &&
379 !ipv6_addr_cmp(&req->af.v6_req.loc_addr, &ip6h->daddr) &&
380 (!req->af.v6_req.iif || req->af.v6_req.iif == iif)) {
381 BUG_TRAP(req->sk == NULL);
382 *prevp = prev;
383 return req;
384 }
385 }
386
387 return NULL;
388 }
389
390 static __inline__ u16 tcp_v6_check(struct tcphdr *th, int len,
391 struct in6_addr *saddr,
392 struct in6_addr *daddr,
393 unsigned long base)
394 {
395 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
396 }
397
398 static __u32 tcp_v6_init_sequence(struct sock *sk, struct sk_buff *skb)
399 {
400 if (skb->protocol == __constant_htons(ETH_P_IPV6)) {
401 return secure_tcpv6_sequence_number(skb->nh.ipv6h->daddr.s6_addr32,
402 skb->nh.ipv6h->saddr.s6_addr32,
403 skb->h.th->dest,
404 skb->h.th->source);
405 } else {
406 return secure_tcp_sequence_number(skb->nh.iph->daddr,
407 skb->nh.iph->saddr,
408 skb->h.th->dest,
409 skb->h.th->source);
410 }
411 }
412
413 static int tcp_v6_check_established(struct sock *sk)
414 {
415 struct in6_addr *daddr = &sk->net_pinfo.af_inet6.rcv_saddr;
416 struct in6_addr *saddr = &sk->net_pinfo.af_inet6.daddr;
417 int dif = sk->bound_dev_if;
418 u32 ports = TCP_COMBINED_PORTS(sk->dport, sk->num);
419 int hash = tcp_v6_hashfn(daddr, sk->num, saddr, sk->dport);
420 struct tcp_ehash_bucket *head = &tcp_ehash[hash];
421 struct sock *sk2, **skp;
422 struct tcp_tw_bucket *tw;
423
424 write_lock_bh(&head->lock);
425
426 for(skp = &(head + tcp_ehash_size)->chain; (sk2=*skp)!=NULL; skp = &sk2->next) {
427 tw = (struct tcp_tw_bucket*)sk2;
428
429 if(*((__u32 *)&(sk2->dport)) == ports &&
430 sk2->family == PF_INET6 &&
431 !ipv6_addr_cmp(&tw->v6_daddr, saddr) &&
432 !ipv6_addr_cmp(&tw->v6_rcv_saddr, daddr) &&
433 sk2->bound_dev_if == sk->bound_dev_if) {
434 struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);
435
436 if (tw->ts_recent_stamp) {
437 /* See comment in tcp_ipv4.c */
438 if ((tp->write_seq = tw->snd_nxt+65535+2) == 0)
439 tp->write_seq = 1;
440 tp->ts_recent = tw->ts_recent;
441 tp->ts_recent_stamp = tw->ts_recent_stamp;
442 sock_hold(sk2);
443 skp = &head->chain;
444 goto unique;
445 } else
446 goto not_unique;
447 }
448 }
449 tw = NULL;
450
451 for(skp = &head->chain; (sk2=*skp)!=NULL; skp = &sk2->next) {
452 if(TCP_IPV6_MATCH(sk, saddr, daddr, ports, dif))
453 goto not_unique;
454 }
455
456 unique:
457 BUG_TRAP(sk->pprev==NULL);
458 if ((sk->next = *skp) != NULL)
459 (*skp)->pprev = &sk->next;
460
461 *skp = sk;
462 sk->pprev = skp;
463 sk->hashent = hash;
464 sock_prot_inc_use(sk->prot);
465 write_unlock_bh(&head->lock);
466
467 if (tw) {
468 /* Silly. Should hash-dance instead... */
469 local_bh_disable();
470 tcp_tw_deschedule(tw);
471 tcp_timewait_kill(tw);
472 NET_INC_STATS_BH(TimeWaitRecycled);
473 local_bh_enable();
474
475 tcp_tw_put(tw);
476 }
477 return 0;
478
479 not_unique:
480 write_unlock_bh(&head->lock);
481 return -EADDRNOTAVAIL;
482 }
483
484 static int tcp_v6_hash_connecting(struct sock *sk)
485 {
486 unsigned short snum = sk->num;
487 struct tcp_bind_hashbucket *head = &tcp_bhash[tcp_bhashfn(snum)];
488 struct tcp_bind_bucket *tb = head->chain;
489
490 spin_lock_bh(&head->lock);
491
492 if (tb->owners == sk && sk->bind_next == NULL) {
493 __tcp_v6_hash(sk);
494 spin_unlock_bh(&head->lock);
495 return 0;
496 } else {
497 spin_unlock_bh(&head->lock);
498 return tcp_v6_check_established(sk);
499 }
500 }
501
502 static __inline__ int tcp_v6_iif(struct sk_buff *skb)
503 {
504 struct inet6_skb_parm *opt = (struct inet6_skb_parm *) skb->cb;
505 return opt->iif;
506 }
507
508 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
509 int addr_len)
510 {
511 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
512 struct ipv6_pinfo *np = &sk->net_pinfo.af_inet6;
513 struct tcp_opt *tp = &sk->tp_pinfo.af_tcp;
514 struct in6_addr *saddr = NULL;
515 struct in6_addr saddr_buf;
516 struct flowi fl;
517 struct dst_entry *dst;
518 struct sk_buff *buff;
519 int addr_type;
520 int err;
521
522 if (addr_len < SIN6_LEN_RFC2133)
523 return -EINVAL;
524
525 if (usin->sin6_family != AF_INET6)
526 return(-EAFNOSUPPORT);
527
528 fl.fl6_flowlabel = 0;
529 if (np->sndflow) {
530 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
531 IP6_ECN_flow_init(fl.fl6_flowlabel);
532 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
533 struct ip6_flowlabel *flowlabel;
534 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
535 if (flowlabel == NULL)
536 return -EINVAL;
537 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
538 fl6_sock_release(flowlabel);
539 }
540 }
541
542 /*
543 * connect() to INADDR_ANY means loopback (BSD'ism).
544 */
545
546 if(ipv6_addr_any(&usin->sin6_addr))
547 usin->sin6_addr.s6_addr[15] = 0x1;
548
549 addr_type = ipv6_addr_type(&usin->sin6_addr);
550
551 if(addr_type & IPV6_ADDR_MULTICAST)
552 return -ENETUNREACH;
553
554 if (addr_type&IPV6_ADDR_LINKLOCAL) {
555 if (addr_len >= sizeof(struct sockaddr_in6) &&
556 usin->sin6_scope_id) {
557 /* If interface is set while binding, indices
558 * must coincide.
559 */
560 if (sk->bound_dev_if &&
561 sk->bound_dev_if != usin->sin6_scope_id)
562 return -EINVAL;
563
564 sk->bound_dev_if = usin->sin6_scope_id;
565 }
566
567 /* Connect to link-local address requires an interface */
568 if (sk->bound_dev_if == 0)
569 return -EINVAL;
570 }
571
572 if (tp->ts_recent_stamp && ipv6_addr_cmp(&np->daddr, &usin->sin6_addr)) {
573 tp->ts_recent = 0;
574 tp->ts_recent_stamp = 0;
575 tp->write_seq = 0;
576 }
577
578 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
579 np->flow_label = fl.fl6_flowlabel;
580
581 /*
582 * TCP over IPv4
583 */
584
585 if (addr_type == IPV6_ADDR_MAPPED) {
586 u32 exthdrlen = tp->ext_header_len;
587 struct sockaddr_in sin;
588
589 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
590
591 sin.sin_family = AF_INET;
592 sin.sin_port = usin->sin6_port;
593 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
594
595 sk->tp_pinfo.af_tcp.af_specific = &ipv6_mapped;
596 sk->backlog_rcv = tcp_v4_do_rcv;
597
598 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
599
600 if (err) {
601 tp->ext_header_len = exthdrlen;
602 sk->tp_pinfo.af_tcp.af_specific = &ipv6_specific;
603 sk->backlog_rcv = tcp_v6_do_rcv;
604 goto failure;
605 } else {
606 ipv6_addr_set(&np->saddr, 0, 0, __constant_htonl(0x0000FFFF),
607 sk->saddr);
608 ipv6_addr_set(&np->rcv_saddr, 0, 0, __constant_htonl(0x0000FFFF),
609 sk->rcv_saddr);
610 }
611
612 return err;
613 }
614
615 if (!ipv6_addr_any(&np->rcv_saddr))
616 saddr = &np->rcv_saddr;
617
618 fl.proto = IPPROTO_TCP;
619 fl.fl6_dst = &np->daddr;
620 fl.fl6_src = saddr;
621 fl.oif = sk->bound_dev_if;
622 fl.uli_u.ports.dport = usin->sin6_port;
623 fl.uli_u.ports.sport = sk->sport;
624
625 if (np->opt && np->opt->srcrt) {
626 struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt;
627 fl.nl_u.ip6_u.daddr = rt0->addr;
628 }
629
630 dst = ip6_route_output(sk, &fl);
631
632 if ((err = dst->error) != 0) {
633 dst_release(dst);
634 goto failure;
635 }
636
637 ip6_dst_store(sk, dst, NULL);
638 sk->route_caps = dst->dev->features&~NETIF_F_IP_CSUM;
639
640 if (saddr == NULL) {
641 err = ipv6_get_saddr(dst, &np->daddr, &saddr_buf);
642 if (err)
643 goto failure;
644
645 saddr = &saddr_buf;
646 }
647
648 /* set the source address */
649 ipv6_addr_copy(&np->rcv_saddr, saddr);
650 ipv6_addr_copy(&np->saddr, saddr);
651 sk->rcv_saddr= LOOPBACK4_IPV6;
652
653 tp->ext_header_len = 0;
654 if (np->opt)
655 tp->ext_header_len = np->opt->opt_flen+np->opt->opt_nflen;
656 tp->mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
657
658 err = -ENOBUFS;
659 buff = alloc_skb(MAX_TCP_HEADER + 15, GFP_KERNEL);
660
661 if (buff == NULL)
662 goto failure;
663
664 sk->dport = usin->sin6_port;
665
666 /*
667 * Init variables
668 */
669
670 if (!tp->write_seq)
671 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
672 np->daddr.s6_addr32,
673 sk->sport, sk->dport);
674
675 err = tcp_connect(sk, buff);
676 if (err == 0)
677 return 0;
678
679 failure:
680 __sk_dst_reset(sk);
681 sk->dport = 0;
682 sk->route_caps = 0;
683 return err;
684 }
685
686 void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
687 int type, int code, int offset, __u32 info)
688 {
689 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
690 struct in6_addr *saddr = &hdr->saddr;
691 struct in6_addr *daddr = &hdr->daddr;
692 struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
693 struct ipv6_pinfo *np;
694 struct sock *sk;
695 int err;
696 struct tcp_opt *tp;
697 __u32 seq;
698
699 sk = tcp_v6_lookup(daddr, th->dest, saddr, th->source, skb->dev->ifindex);
700
701 if (sk == NULL) {
702 ICMP6_INC_STATS_BH(Icmp6InErrors);
703 return;
704 }
705
706 if (sk->state == TCP_TIME_WAIT) {
707 tcp_tw_put((struct tcp_tw_bucket*)sk);
708 return;
709 }
710
711 bh_lock_sock(sk);
712 if (sk->lock.users)
713 NET_INC_STATS_BH(LockDroppedIcmps);
714
715 if (sk->state == TCP_CLOSE)
716 goto out;
717
718 tp = &sk->tp_pinfo.af_tcp;
719 seq = ntohl(th->seq);
720 if (sk->state != TCP_LISTEN && !between(seq, tp->snd_una, tp->snd_nxt)) {
721 NET_INC_STATS_BH(OutOfWindowIcmps);
722 goto out;
723 }
724
725 np = &sk->net_pinfo.af_inet6;
726
727 if (type == ICMPV6_PKT_TOOBIG) {
728 struct dst_entry *dst = NULL;
729
730 if (sk->lock.users)
731 goto out;
732 if ((1<<sk->state)&(TCPF_LISTEN|TCPF_CLOSE))
733 goto out;
734
735 /* icmp should have updated the destination cache entry */
736 dst = __sk_dst_check(sk, np->dst_cookie);
737
738 if (dst == NULL) {
739 struct flowi fl;
740
741 /* BUGGG_FUTURE: Again, it is not clear how
742 to handle rthdr case. Ignore this complexity
743 for now.
744 */
745 fl.proto = IPPROTO_TCP;
746 fl.nl_u.ip6_u.daddr = &np->daddr;
747 fl.nl_u.ip6_u.saddr = &np->saddr;
748 fl.oif = sk->bound_dev_if;
749 fl.uli_u.ports.dport = sk->dport;
750 fl.uli_u.ports.sport = sk->sport;
751
752 dst = ip6_route_output(sk, &fl);
753 } else
754 dst_clone(dst);
755
756 if (dst->error) {
757 sk->err_soft = -dst->error;
758 } else if (tp->pmtu_cookie > dst->pmtu) {
759 tcp_sync_mss(sk, dst->pmtu);
760 tcp_simple_retransmit(sk);
761 } /* else let the usual retransmit timer handle it */
762 dst_release(dst);
763 goto out;
764 }
765
766 icmpv6_err_convert(type, code, &err);
767
768 /* Might be for an open_request */
769 switch (sk->state) {
770 struct open_request *req, **prev;
771 struct ipv6hdr hd;
772 case TCP_LISTEN:
773 if (sk->lock.users)
774 goto out;
775
776 /* Grrrr - fix this later. */
777 ipv6_addr_copy(&hd.saddr, saddr);
778 ipv6_addr_copy(&hd.daddr, daddr);
779 req = tcp_v6_search_req(tp, &hd, th, tcp_v6_iif(skb), &prev);
780 if (!req)
781 goto out;
782
783 /* ICMPs are not backlogged, hence we cannot get
784 * an established socket here.
785 */
786 BUG_TRAP(req->sk == NULL);
787
788 if (seq != req->snt_isn) {
789 NET_INC_STATS_BH(OutOfWindowIcmps);
790 goto out;
791 }
792
793 tcp_synq_drop(sk, req, prev);
794 goto out;
795
796 case TCP_SYN_SENT:
797 case TCP_SYN_RECV: /* Cannot happen.
798 It can, it SYNs are crossed. --ANK */
799 if (sk->lock.users == 0) {
800 TCP_INC_STATS_BH(TcpAttemptFails);
801 sk->err = err;
802 sk->error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
803
804 tcp_done(sk);
805 } else {
806 sk->err_soft = err;
807 }
808 goto out;
809 }
810
811 if (sk->lock.users == 0 && np->recverr) {
812 sk->err = err;
813 sk->error_report(sk);
814 } else {
815 sk->err_soft = err;
816 }
817
818 out:
819 bh_unlock_sock(sk);
820 sock_put(sk);
821 }
822
823
824 static int tcp_v6_send_synack(struct sock *sk, struct open_request *req,
825 struct dst_entry *dst)
826 {
827 struct sk_buff * skb;
828 struct ipv6_txoptions *opt = NULL;
829 struct flowi fl;
830 int err = -1;
831
832 fl.proto = IPPROTO_TCP;
833 fl.nl_u.ip6_u.daddr = &req->af.v6_req.rmt_addr;
834 fl.nl_u.ip6_u.saddr = &req->af.v6_req.loc_addr;
835 fl.fl6_flowlabel = 0;
836 fl.oif = req->af.v6_req.iif;
837 fl.uli_u.ports.dport = req->rmt_port;
838 fl.uli_u.ports.sport = sk->sport;
839
840 if (dst == NULL) {
841 opt = sk->net_pinfo.af_inet6.opt;
842 if (opt == NULL &&
843 sk->net_pinfo.af_inet6.rxopt.bits.srcrt == 2 &&
844 req->af.v6_req.pktopts) {
845 struct sk_buff *pktopts = req->af.v6_req.pktopts;
846 struct inet6_skb_parm *rxopt = (struct inet6_skb_parm *)pktopts->cb;
847 if (rxopt->srcrt)
848 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(pktopts->nh.raw + rxopt->srcrt));
849 }
850
851 if (opt && opt->srcrt) {
852 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
853 fl.nl_u.ip6_u.daddr = rt0->addr;
854 }
855
856 dst = ip6_route_output(sk, &fl);
857 if (dst->error)
858 goto done;
859 }
860
861 skb = tcp_make_synack(sk, dst, req);
862 if (skb) {
863 struct tcphdr *th = skb->h.th;
864
865 th->check = tcp_v6_check(th, skb->len,
866 &req->af.v6_req.loc_addr, &req->af.v6_req.rmt_addr,
867 csum_partial((char *)th, skb->len, skb->csum));
868
869 fl.nl_u.ip6_u.daddr = &req->af.v6_req.rmt_addr;
870 err = ip6_xmit(sk, skb, &fl, opt);
871 if (err == NET_XMIT_CN)
872 err = 0;
873 }
874
875 done:
876 dst_release(dst);
877 if (opt && opt != sk->net_pinfo.af_inet6.opt)
878 sock_kfree_s(sk, opt, opt->tot_len);
879 return err;
880 }
881
882 static void tcp_v6_or_free(struct open_request *req)
883 {
884 if (req->af.v6_req.pktopts)
885 kfree_skb(req->af.v6_req.pktopts);
886 }
887
888 static struct or_calltable or_ipv6 = {
889 AF_INET6,
890 tcp_v6_send_synack,
891 tcp_v6_or_send_ack,
892 tcp_v6_or_free,
893 tcp_v6_send_reset
894 };
895
896 static int ipv6_opt_accepted(struct sock *sk, struct sk_buff *skb)
897 {
898 struct inet6_skb_parm *opt = (struct inet6_skb_parm *)skb->cb;
899
900 if (sk->net_pinfo.af_inet6.rxopt.all) {
901 if ((opt->hop && sk->net_pinfo.af_inet6.rxopt.bits.hopopts) ||
902 ((IPV6_FLOWINFO_MASK&*(u32*)skb->nh.raw) &&
903 sk->net_pinfo.af_inet6.rxopt.bits.rxflow) ||
904 (opt->srcrt && sk->net_pinfo.af_inet6.rxopt.bits.srcrt) ||
905 ((opt->dst1 || opt->dst0) && sk->net_pinfo.af_inet6.rxopt.bits.dstopts))
906 return 1;
907 }
908 return 0;
909 }
910
911
912 static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len,
913 struct sk_buff *skb)
914 {
915 struct ipv6_pinfo *np = &sk->net_pinfo.af_inet6;
916
917 if (skb->ip_summed == CHECKSUM_HW) {
918 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
919 skb->csum = offsetof(struct tcphdr, check);
920 } else {
921 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
922 csum_partial((char *)th, th->doff<<2,
923 skb->csum));
924 }
925 }
926
927
928 static void tcp_v6_send_reset(struct sk_buff *skb)
929 {
930 struct tcphdr *th = skb->h.th, *t1;
931 struct sk_buff *buff;
932 struct flowi fl;
933
934 if (th->rst)
935 return;
936
937 if (ipv6_addr_is_multicast(&skb->nh.ipv6h->daddr))
938 return;
939
940 /*
941 * We need to grab some memory, and put together an RST,
942 * and then put it into the queue to be sent.
943 */
944
945 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr), GFP_ATOMIC);
946 if (buff == NULL)
947 return;
948
949 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr));
950
951 t1 = (struct tcphdr *) skb_push(buff,sizeof(struct tcphdr));
952
953 /* Swap the send and the receive. */
954 memset(t1, 0, sizeof(*t1));
955 t1->dest = th->source;
956 t1->source = th->dest;
957 t1->doff = sizeof(*t1)/4;
958 t1->rst = 1;
959
960 if(th->ack) {
961 t1->seq = th->ack_seq;
962 } else {
963 t1->ack = 1;
964 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
965 + skb->len - (th->doff<<2));
966 }
967
968 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
969
970 fl.nl_u.ip6_u.daddr = &skb->nh.ipv6h->saddr;
971 fl.nl_u.ip6_u.saddr = &skb->nh.ipv6h->daddr;
972 fl.fl6_flowlabel = 0;
973
974 t1->check = csum_ipv6_magic(fl.nl_u.ip6_u.saddr,
975 fl.nl_u.ip6_u.daddr,
976 sizeof(*t1), IPPROTO_TCP,
977 buff->csum);
978
979 fl.proto = IPPROTO_TCP;
980 fl.oif = tcp_v6_iif(skb);
981 fl.uli_u.ports.dport = t1->dest;
982 fl.uli_u.ports.sport = t1->source;
983
984 /* sk = NULL, but it is safe for now. RST socket required. */
985 buff->dst = ip6_route_output(NULL, &fl);
986
987 if (buff->dst->error == 0) {
988 ip6_xmit(NULL, buff, &fl, NULL);
989 TCP_INC_STATS_BH(TcpOutSegs);
990 TCP_INC_STATS_BH(TcpOutRsts);
991 return;
992 }
993
994 kfree_skb(buff);
995 }
996
997 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts)
998 {
999 struct tcphdr *th = skb->h.th, *t1;
1000 struct sk_buff *buff;
1001 struct flowi fl;
1002 int tot_len = sizeof(struct tcphdr);
1003
1004 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr), GFP_ATOMIC);
1005 if (buff == NULL)
1006 return;
1007
1008 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr));
1009
1010 if (ts)
1011 tot_len += 3*4;
1012
1013 t1 = (struct tcphdr *) skb_push(buff,tot_len);
1014
1015 /* Swap the send and the receive. */
1016 memset(t1, 0, sizeof(*t1));
1017 t1->dest = th->source;
1018 t1->source = th->dest;
1019 t1->doff = tot_len/4;
1020 t1->seq = htonl(seq);
1021 t1->ack_seq = htonl(ack);
1022 t1->ack = 1;
1023 t1->window = htons(win);
1024
1025 if (ts) {
1026 u32 *ptr = (u32*)(t1 + 1);
1027 *ptr++ = __constant_htonl((TCPOPT_NOP << 24) |
1028 (TCPOPT_NOP << 16) |
1029 (TCPOPT_TIMESTAMP << 8) |
1030 TCPOLEN_TIMESTAMP);
1031 *ptr++ = htonl(tcp_time_stamp);
1032 *ptr = htonl(ts);
1033 }
1034
1035 buff->csum = csum_partial((char *)t1, tot_len, 0);
1036
1037 fl.nl_u.ip6_u.daddr = &skb->nh.ipv6h->saddr;
1038 fl.nl_u.ip6_u.saddr = &skb->nh.ipv6h->daddr;
1039 fl.fl6_flowlabel = 0;
1040
1041 t1->check = csum_ipv6_magic(fl.nl_u.ip6_u.saddr,
1042 fl.nl_u.ip6_u.daddr,
1043 tot_len, IPPROTO_TCP,
1044 buff->csum);
1045
1046 fl.proto = IPPROTO_TCP;
1047 fl.oif = tcp_v6_iif(skb);
1048 fl.uli_u.ports.dport = t1->dest;
1049 fl.uli_u.ports.sport = t1->source;
1050
1051 buff->dst = ip6_route_output(NULL, &fl);
1052
1053 if (buff->dst->error == 0) {
1054 ip6_xmit(NULL, buff, &fl, NULL);
1055 TCP_INC_STATS_BH(TcpOutSegs);
1056 return;
1057 }
1058
1059 kfree_skb(buff);
1060 }
1061
1062 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1063 {
1064 struct tcp_tw_bucket *tw = (struct tcp_tw_bucket *)sk;
1065
1066 tcp_v6_send_ack(skb, tw->snd_nxt, tw->rcv_nxt,
1067 tw->rcv_wnd>>tw->rcv_wscale, tw->ts_recent);
1068
1069 tcp_tw_put(tw);
1070 }
1071
1072 static void tcp_v6_or_send_ack(struct sk_buff *skb, struct open_request *req)
1073 {
1074 tcp_v6_send_ack(skb, req->snt_isn+1, req->rcv_isn+1, req->rcv_wnd, req->ts_recent);
1075 }
1076
1077
1078 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1079 {
1080 struct open_request *req, **prev;
1081 struct tcphdr *th = skb->h.th;
1082 struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);
1083 struct sock *nsk;
1084
1085 /* Find possible connection requests. */
1086 req = tcp_v6_search_req(tp, skb->nh.ipv6h, th, tcp_v6_iif(skb), &prev);
1087 if (req)
1088 return tcp_check_req(sk, skb, req, prev);
1089
1090 nsk = __tcp_v6_lookup_established(&skb->nh.ipv6h->saddr,
1091 th->source,
1092 &skb->nh.ipv6h->daddr,
1093 ntohs(th->dest),
1094 tcp_v6_iif(skb));
1095
1096 if (nsk) {
1097 if (nsk->state != TCP_TIME_WAIT) {
1098 bh_lock_sock(nsk);
1099 return nsk;
1100 }
1101 tcp_tw_put((struct tcp_tw_bucket*)sk);
1102 return NULL;
1103 }
1104
1105 #if 0 /*def CONFIG_SYN_COOKIES*/
1106 if (!th->rst && !th->syn && th->ack)
1107 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt));
1108 #endif
1109 return sk;
1110 }
1111
1112 static void tcp_v6_synq_add(struct sock *sk, struct open_request *req)
1113 {
1114 struct tcp_opt *tp = &sk->tp_pinfo.af_tcp;
1115 struct tcp_listen_opt *lopt = tp->listen_opt;
1116 unsigned h = tcp_v6_synq_hash(&req->af.v6_req.rmt_addr, req->rmt_port);
1117
1118 req->sk = NULL;
1119 req->expires = jiffies + TCP_TIMEOUT_INIT;
1120 req->retrans = 0;
1121 req->index = h;
1122 req->dl_next = lopt->syn_table[h];
1123
1124 write_lock(&tp->syn_wait_lock);
1125 lopt->syn_table[h] = req;
1126 write_unlock(&tp->syn_wait_lock);
1127
1128 tcp_synq_added(sk);
1129 }
1130
1131
1132 /* FIXME: this is substantially similar to the ipv4 code.
1133 * Can some kind of merge be done? -- erics
1134 */
1135 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1136 {
1137 struct tcp_opt tp;
1138 struct open_request *req = NULL;
1139 __u32 isn = TCP_SKB_CB(skb)->when;
1140
1141 if (skb->protocol == __constant_htons(ETH_P_IP))
1142 return tcp_v4_conn_request(sk, skb);
1143
1144 /* FIXME: do the same check for anycast */
1145 if (ipv6_addr_is_multicast(&skb->nh.ipv6h->daddr))
1146 goto drop;
1147
1148 /*
1149 * There are no SYN attacks on IPv6, yet...
1150 */
1151 if (tcp_synq_is_full(sk) && !isn) {
1152 if (net_ratelimit())
1153 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n");
1154 goto drop;
1155 }
1156
1157 if (tcp_acceptq_is_full(sk) && tcp_synq_young(sk) > 1)
1158 goto drop;
1159
1160 req = tcp_openreq_alloc();
1161 if (req == NULL)
1162 goto drop;
1163
1164 tcp_clear_options(&tp);
1165 tp.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1166 tp.user_mss = sk->tp_pinfo.af_tcp.user_mss;
1167
1168 tcp_parse_options(skb, &tp, 0);
1169
1170 tcp_openreq_init(req, &tp, skb);
1171
1172 req->class = &or_ipv6;
1173 ipv6_addr_copy(&req->af.v6_req.rmt_addr, &skb->nh.ipv6h->saddr);
1174 ipv6_addr_copy(&req->af.v6_req.loc_addr, &skb->nh.ipv6h->daddr);
1175 TCP_ECN_create_request(req, skb->h.th);
1176 req->af.v6_req.pktopts = NULL;
1177 if (ipv6_opt_accepted(sk, skb) ||
1178 sk->net_pinfo.af_inet6.rxopt.bits.rxinfo ||
1179 sk->net_pinfo.af_inet6.rxopt.bits.rxhlim) {
1180 atomic_inc(&skb->users);
1181 req->af.v6_req.pktopts = skb;
1182 }
1183 req->af.v6_req.iif = sk->bound_dev_if;
1184
1185 /* So that link locals have meaning */
1186 if (!sk->bound_dev_if && ipv6_addr_type(&req->af.v6_req.rmt_addr)&IPV6_ADDR_LINKLOCAL)
1187 req->af.v6_req.iif = tcp_v6_iif(skb);
1188
1189 if (isn == 0)
1190 isn = tcp_v6_init_sequence(sk,skb);
1191
1192 req->snt_isn = isn;
1193
1194 if (tcp_v6_send_synack(sk, req, NULL))
1195 goto drop;
1196
1197 tcp_v6_synq_add(sk, req);
1198
1199 return 0;
1200
1201 drop:
1202 if (req)
1203 tcp_openreq_free(req);
1204
1205 TCP_INC_STATS_BH(TcpAttemptFails);
1206 return 0; /* don't send reset */
1207 }
1208
1209 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1210 struct open_request *req,
1211 struct dst_entry *dst)
1212 {
1213 struct ipv6_pinfo *np;
1214 struct flowi fl;
1215 struct tcp_opt *newtp;
1216 struct sock *newsk;
1217 struct ipv6_txoptions *opt;
1218
1219 if (skb->protocol == __constant_htons(ETH_P_IP)) {
1220 /*
1221 * v6 mapped
1222 */
1223
1224 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1225
1226 if (newsk == NULL)
1227 return NULL;
1228
1229 np = &newsk->net_pinfo.af_inet6;
1230
1231 ipv6_addr_set(&np->daddr, 0, 0, __constant_htonl(0x0000FFFF),
1232 newsk->daddr);
1233
1234 ipv6_addr_set(&np->saddr, 0, 0, __constant_htonl(0x0000FFFF),
1235 newsk->saddr);
1236
1237 ipv6_addr_copy(&np->rcv_saddr, &np->saddr);
1238
1239 newsk->tp_pinfo.af_tcp.af_specific = &ipv6_mapped;
1240 newsk->backlog_rcv = tcp_v4_do_rcv;
1241 newsk->net_pinfo.af_inet6.pktoptions = NULL;
1242 newsk->net_pinfo.af_inet6.opt = NULL;
1243 newsk->net_pinfo.af_inet6.mcast_oif = tcp_v6_iif(skb);
1244 newsk->net_pinfo.af_inet6.mcast_hops = skb->nh.ipv6h->hop_limit;
1245
1246 /* Charge newly allocated IPv6 socket. Though it is mapped,
1247 * it is IPv6 yet.
1248 */
1249 #ifdef INET_REFCNT_DEBUG
1250 atomic_inc(&inet6_sock_nr);
1251 #endif
1252 MOD_INC_USE_COUNT;
1253
1254 /* It is tricky place. Until this moment IPv4 tcp
1255 worked with IPv6 af_tcp.af_specific.
1256 Sync it now.
1257 */
1258 tcp_sync_mss(newsk, newsk->tp_pinfo.af_tcp.pmtu_cookie);
1259
1260 return newsk;
1261 }
1262
1263 opt = sk->net_pinfo.af_inet6.opt;
1264
1265 if (tcp_acceptq_is_full(sk))
1266 goto out_overflow;
1267
1268 if (sk->net_pinfo.af_inet6.rxopt.bits.srcrt == 2 &&
1269 opt == NULL && req->af.v6_req.pktopts) {
1270 struct inet6_skb_parm *rxopt = (struct inet6_skb_parm *)req->af.v6_req.pktopts->cb;
1271 if (rxopt->srcrt)
1272 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(req->af.v6_req.pktopts->nh.raw+rxopt->srcrt));
1273 }
1274
1275 if (dst == NULL) {
1276 fl.proto = IPPROTO_TCP;
1277 fl.nl_u.ip6_u.daddr = &req->af.v6_req.rmt_addr;
1278 if (opt && opt->srcrt) {
1279 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1280 fl.nl_u.ip6_u.daddr = rt0->addr;
1281 }
1282 fl.nl_u.ip6_u.saddr = &req->af.v6_req.loc_addr;
1283 fl.fl6_flowlabel = 0;
1284 fl.oif = sk->bound_dev_if;
1285 fl.uli_u.ports.dport = req->rmt_port;
1286 fl.uli_u.ports.sport = sk->sport;
1287
1288 dst = ip6_route_output(sk, &fl);
1289 }
1290
1291 if (dst->error)
1292 goto out;
1293
1294 newsk = tcp_create_openreq_child(sk, req, skb);
1295 if (newsk == NULL)
1296 goto out;
1297
1298 /* Charge newly allocated IPv6 socket */
1299 #ifdef INET_REFCNT_DEBUG
1300 atomic_inc(&inet6_sock_nr);
1301 #endif
1302 MOD_INC_USE_COUNT;
1303
1304 ip6_dst_store(newsk, dst, NULL);
1305 sk->route_caps = dst->dev->features&~NETIF_F_IP_CSUM;
1306
1307 newtp = &(newsk->tp_pinfo.af_tcp);
1308
1309 np = &newsk->net_pinfo.af_inet6;
1310 ipv6_addr_copy(&np->daddr, &req->af.v6_req.rmt_addr);
1311 ipv6_addr_copy(&np->saddr, &req->af.v6_req.loc_addr);
1312 ipv6_addr_copy(&np->rcv_saddr, &req->af.v6_req.loc_addr);
1313 newsk->bound_dev_if = req->af.v6_req.iif;
1314
1315 /* Now IPv6 options...
1316
1317 First: no IPv4 options.
1318 */
1319 newsk->protinfo.af_inet.opt = NULL;
1320
1321 /* Clone RX bits */
1322 np->rxopt.all = sk->net_pinfo.af_inet6.rxopt.all;
1323
1324 /* Clone pktoptions received with SYN */
1325 np->pktoptions = NULL;
1326 if (req->af.v6_req.pktopts) {
1327 np->pktoptions = skb_clone(req->af.v6_req.pktopts, GFP_ATOMIC);
1328 kfree_skb(req->af.v6_req.pktopts);
1329 req->af.v6_req.pktopts = NULL;
1330 if (np->pktoptions)
1331 skb_set_owner_r(np->pktoptions, newsk);
1332 }
1333 np->opt = NULL;
1334 np->mcast_oif = tcp_v6_iif(skb);
1335 np->mcast_hops = skb->nh.ipv6h->hop_limit;
1336
1337 /* Clone native IPv6 options from listening socket (if any)
1338
1339 Yes, keeping reference count would be much more clever,
1340 but we make one more one thing there: reattach optmem
1341 to newsk.
1342 */
1343 if (opt) {
1344 np->opt = ipv6_dup_options(newsk, opt);
1345 if (opt != sk->net_pinfo.af_inet6.opt)
1346 sock_kfree_s(sk, opt, opt->tot_len);
1347 }
1348
1349 newtp->ext_header_len = 0;
1350 if (np->opt)
1351 newtp->ext_header_len = np->opt->opt_nflen + np->opt->opt_flen;
1352
1353 tcp_sync_mss(newsk, dst->pmtu);
1354 newtp->advmss = dst->advmss;
1355 tcp_initialize_rcv_mss(newsk);
1356
1357 newsk->daddr = LOOPBACK4_IPV6;
1358 newsk->saddr = LOOPBACK4_IPV6;
1359 newsk->rcv_saddr= LOOPBACK4_IPV6;
1360
1361 __tcp_v6_hash(newsk);
1362 tcp_inherit_port(sk, newsk);
1363
1364 return newsk;
1365
1366 out_overflow:
1367 NET_INC_STATS_BH(ListenOverflows);
1368 out:
1369 NET_INC_STATS_BH(ListenDrops);
1370 if (opt && opt != sk->net_pinfo.af_inet6.opt)
1371 sock_kfree_s(sk, opt, opt->tot_len);
1372 dst_release(dst);
1373 return NULL;
1374 }
1375
1376 static int tcp_v6_checksum_init(struct sk_buff *skb)
1377 {
1378 if (skb->ip_summed == CHECKSUM_HW) {
1379 skb->ip_summed = CHECKSUM_UNNECESSARY;
1380 if (!tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
1381 &skb->nh.ipv6h->daddr,skb->csum))
1382 return 0;
1383 NETDEBUG(if (net_ratelimit()) printk(KERN_DEBUG "hw tcp v6 csum failed\n"));
1384 }
1385 if (skb->len <= 76) {
1386 if (tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
1387 &skb->nh.ipv6h->daddr,skb_checksum(skb, 0, skb->len, 0)))
1388 return -1;
1389 skb->ip_summed = CHECKSUM_UNNECESSARY;
1390 } else {
1391 skb->csum = ~tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
1392 &skb->nh.ipv6h->daddr,0);
1393 }
1394 return 0;
1395 }
1396
1397 /* The socket must have it's spinlock held when we get
1398 * here.
1399 *
1400 * We have a potential double-lock case here, so even when
1401 * doing backlog processing we use the BH locking scheme.
1402 * This is because we cannot sleep with the original spinlock
1403 * held.
1404 */
1405 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1406 {
1407 #ifdef CONFIG_FILTER
1408 struct sk_filter *filter;
1409 #endif
1410 struct sk_buff *opt_skb = NULL;
1411
1412 /* Imagine: socket is IPv6. IPv4 packet arrives,
1413 goes to IPv4 receive handler and backlogged.
1414 From backlog it always goes here. Kerboom...
1415 Fortunately, tcp_rcv_established and rcv_established
1416 handle them correctly, but it is not case with
1417 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1418 */
1419
1420 if (skb->protocol == __constant_htons(ETH_P_IP))
1421 return tcp_v4_do_rcv(sk, skb);
1422
1423 #ifdef CONFIG_FILTER
1424 filter = sk->filter;
1425 if (filter && sk_filter(skb, filter))
1426 goto discard;
1427 #endif /* CONFIG_FILTER */
1428
1429 /*
1430 * socket locking is here for SMP purposes as backlog rcv
1431 * is currently called with bh processing disabled.
1432 */
1433
1434 IP6_INC_STATS_BH(Ip6InDelivers);
1435
1436 /* Do Stevens' IPV6_PKTOPTIONS.
1437
1438 Yes, guys, it is the only place in our code, where we
1439 may make it not affecting IPv4.
1440 The rest of code is protocol independent,
1441 and I do not like idea to uglify IPv4.
1442
1443 Actually, all the idea behind IPV6_PKTOPTIONS
1444 looks not very well thought. For now we latch
1445 options, received in the last packet, enqueued
1446 by tcp. Feel free to propose better solution.
1447 --ANK (980728)
1448 */
1449 if (sk->net_pinfo.af_inet6.rxopt.all)
1450 opt_skb = skb_clone(skb, GFP_ATOMIC);
1451
1452 if (sk->state == TCP_ESTABLISHED) { /* Fast path */
1453 TCP_CHECK_TIMER(sk);
1454 if (tcp_rcv_established(sk, skb, skb->h.th, skb->len))
1455 goto reset;
1456 TCP_CHECK_TIMER(sk);
1457 if (opt_skb)
1458 goto ipv6_pktoptions;
1459 return 0;
1460 }
1461
1462 if (skb->len < (skb->h.th->doff<<2) || tcp_checksum_complete(skb))
1463 goto csum_err;
1464
1465 if (sk->state == TCP_LISTEN) {
1466 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1467 if (!nsk)
1468 goto discard;
1469
1470 /*
1471 * Queue it on the new socket if the new socket is active,
1472 * otherwise we just shortcircuit this and continue with
1473 * the new socket..
1474 */
1475 if(nsk != sk) {
1476 if (tcp_child_process(sk, nsk, skb))
1477 goto reset;
1478 if (opt_skb)
1479 __kfree_skb(opt_skb);
1480 return 0;
1481 }
1482 }
1483
1484 TCP_CHECK_TIMER(sk);
1485 if (tcp_rcv_state_process(sk, skb, skb->h.th, skb->len))
1486 goto reset;
1487 TCP_CHECK_TIMER(sk);
1488 if (opt_skb)
1489 goto ipv6_pktoptions;
1490 return 0;
1491
1492 reset:
1493 tcp_v6_send_reset(skb);
1494 discard:
1495 if (opt_skb)
1496 __kfree_skb(opt_skb);
1497 kfree_skb(skb);
1498 return 0;
1499 csum_err:
1500 TCP_INC_STATS_BH(TcpInErrs);
1501 goto discard;
1502
1503
1504 ipv6_pktoptions:
1505 /* Do you ask, what is it?
1506
1507 1. skb was enqueued by tcp.
1508 2. skb is added to tail of read queue, rather than out of order.
1509 3. socket is not in passive state.
1510 4. Finally, it really contains options, which user wants to receive.
1511 */
1512 if (TCP_SKB_CB(opt_skb)->end_seq == sk->tp_pinfo.af_tcp.rcv_nxt &&
1513 !((1<<sk->state)&(TCPF_CLOSE|TCPF_LISTEN))) {
1514 if (sk->net_pinfo.af_inet6.rxopt.bits.rxinfo)
1515 sk->net_pinfo.af_inet6.mcast_oif = tcp_v6_iif(opt_skb);
1516 if (sk->net_pinfo.af_inet6.rxopt.bits.rxhlim)
1517 sk->net_pinfo.af_inet6.mcast_hops = opt_skb->nh.ipv6h->hop_limit;
1518 if (ipv6_opt_accepted(sk, opt_skb)) {
1519 skb_set_owner_r(opt_skb, sk);
1520 opt_skb = xchg(&sk->net_pinfo.af_inet6.pktoptions, opt_skb);
1521 } else {
1522 __kfree_skb(opt_skb);
1523 opt_skb = xchg(&sk->net_pinfo.af_inet6.pktoptions, NULL);
1524 }
1525 }
1526
1527 if (opt_skb)
1528 kfree_skb(opt_skb);
1529 return 0;
1530 }
1531
1532 int tcp_v6_rcv(struct sk_buff *skb)
1533 {
1534 struct tcphdr *th;
1535 struct sock *sk;
1536 int ret;
1537
1538 if (skb->pkt_type != PACKET_HOST)
1539 goto discard_it;
1540
1541 /*
1542 * Count it even if it's bad.
1543 */
1544 TCP_INC_STATS_BH(TcpInSegs);
1545
1546 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1547 goto discard_it;
1548
1549 th = skb->h.th;
1550
1551 if (th->doff < sizeof(struct tcphdr)/4)
1552 goto bad_packet;
1553 if (!pskb_may_pull(skb, th->doff*4))
1554 goto discard_it;
1555
1556 if ((skb->ip_summed != CHECKSUM_UNNECESSARY &&
1557 tcp_v6_checksum_init(skb) < 0))
1558 goto bad_packet;
1559
1560 th = skb->h.th;
1561 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1562 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1563 skb->len - th->doff*4);
1564 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1565 TCP_SKB_CB(skb)->when = 0;
1566 TCP_SKB_CB(skb)->flags = ip6_get_dsfield(skb->nh.ipv6h);
1567 TCP_SKB_CB(skb)->sacked = 0;
1568
1569 sk = __tcp_v6_lookup(&skb->nh.ipv6h->saddr, th->source,
1570 &skb->nh.ipv6h->daddr, ntohs(th->dest), tcp_v6_iif(skb));
1571
1572 if (!sk)
1573 goto no_tcp_socket;
1574
1575 process:
1576 if(!ipsec_sk_policy(sk,skb))
1577 goto discard_and_relse;
1578 if(sk->state == TCP_TIME_WAIT)
1579 goto do_time_wait;
1580
1581 skb->dev = NULL;
1582
1583 bh_lock_sock(sk);
1584 ret = 0;
1585 if (!sk->lock.users) {
1586 if (!tcp_prequeue(sk, skb))
1587 ret = tcp_v6_do_rcv(sk, skb);
1588 } else
1589 sk_add_backlog(sk, skb);
1590 bh_unlock_sock(sk);
1591
1592 sock_put(sk);
1593 return ret;
1594
1595 no_tcp_socket:
1596 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1597 bad_packet:
1598 TCP_INC_STATS_BH(TcpInErrs);
1599 } else {
1600 tcp_v6_send_reset(skb);
1601 }
1602
1603 discard_it:
1604
1605 /*
1606 * Discard frame
1607 */
1608
1609 kfree_skb(skb);
1610 return 0;
1611
1612 discard_and_relse:
1613 sock_put(sk);
1614 goto discard_it;
1615
1616 do_time_wait:
1617 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1618 TCP_INC_STATS_BH(TcpInErrs);
1619 sock_put(sk);
1620 goto discard_it;
1621 }
1622
1623 switch(tcp_timewait_state_process((struct tcp_tw_bucket *)sk,
1624 skb, th, skb->len)) {
1625 case TCP_TW_SYN:
1626 {
1627 struct sock *sk2;
1628
1629 sk2 = tcp_v6_lookup_listener(&skb->nh.ipv6h->daddr, ntohs(th->dest), tcp_v6_iif(skb));
1630 if (sk2 != NULL) {
1631 tcp_tw_deschedule((struct tcp_tw_bucket *)sk);
1632 tcp_timewait_kill((struct tcp_tw_bucket *)sk);
1633 tcp_tw_put((struct tcp_tw_bucket *)sk);
1634 sk = sk2;
1635 goto process;
1636 }
1637 /* Fall through to ACK */
1638 }
1639 case TCP_TW_ACK:
1640 tcp_v6_timewait_ack(sk, skb);
1641 break;
1642 case TCP_TW_RST:
1643 goto no_tcp_socket;
1644 case TCP_TW_SUCCESS:;
1645 }
1646 goto discard_it;
1647 }
1648
1649 static int tcp_v6_rebuild_header(struct sock *sk)
1650 {
1651 int err;
1652 struct dst_entry *dst;
1653 struct ipv6_pinfo *np = &sk->net_pinfo.af_inet6;
1654
1655 dst = __sk_dst_check(sk, np->dst_cookie);
1656
1657 if (dst == NULL) {
1658 struct flowi fl;
1659
1660 fl.proto = IPPROTO_TCP;
1661 fl.nl_u.ip6_u.daddr = &np->daddr;
1662 fl.nl_u.ip6_u.saddr = &np->saddr;
1663 fl.fl6_flowlabel = np->flow_label;
1664 fl.oif = sk->bound_dev_if;
1665 fl.uli_u.ports.dport = sk->dport;
1666 fl.uli_u.ports.sport = sk->sport;
1667
1668 if (np->opt && np->opt->srcrt) {
1669 struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt;
1670 fl.nl_u.ip6_u.daddr = rt0->addr;
1671 }
1672
1673 dst = ip6_route_output(sk, &fl);
1674
1675 if (dst->error) {
1676 err = dst->error;
1677 dst_release(dst);
1678 sk->route_caps = 0;
1679 return err;
1680 }
1681
1682 ip6_dst_store(sk, dst, NULL);
1683 sk->route_caps = dst->dev->features&~NETIF_F_IP_CSUM;
1684 }
1685
1686 return 0;
1687 }
1688
1689 static int tcp_v6_xmit(struct sk_buff *skb)
1690 {
1691 struct sock *sk = skb->sk;
1692 struct ipv6_pinfo * np = &sk->net_pinfo.af_inet6;
1693 struct flowi fl;
1694 struct dst_entry *dst;
1695
1696 fl.proto = IPPROTO_TCP;
1697 fl.fl6_dst = &np->daddr;
1698 fl.fl6_src = &np->saddr;
1699 fl.fl6_flowlabel = np->flow_label;
1700 IP6_ECN_flow_xmit(sk, fl.fl6_flowlabel);
1701 fl.oif = sk->bound_dev_if;
1702 fl.uli_u.ports.sport = sk->sport;
1703 fl.uli_u.ports.dport = sk->dport;
1704
1705 if (np->opt && np->opt->srcrt) {
1706 struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt;
1707 fl.nl_u.ip6_u.daddr = rt0->addr;
1708 }
1709
1710 dst = __sk_dst_check(sk, np->dst_cookie);
1711
1712 if (dst == NULL) {
1713 dst = ip6_route_output(sk, &fl);
1714
1715 if (dst->error) {
1716 sk->err_soft = -dst->error;
1717 dst_release(dst);
1718 return -sk->err_soft;
1719 }
1720
1721 ip6_dst_store(sk, dst, NULL);
1722 }
1723
1724 skb->dst = dst_clone(dst);
1725
1726 /* Restore final destination back after routing done */
1727 fl.nl_u.ip6_u.daddr = &np->daddr;
1728
1729 return ip6_xmit(sk, skb, &fl, np->opt);
1730 }
1731
1732 static void v6_addr2sockaddr(struct sock *sk, struct sockaddr * uaddr)
1733 {
1734 struct ipv6_pinfo * np = &sk->net_pinfo.af_inet6;
1735 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) uaddr;
1736
1737 sin6->sin6_family = AF_INET6;
1738 memcpy(&sin6->sin6_addr, &np->daddr, sizeof(struct in6_addr));
1739 sin6->sin6_port = sk->dport;
1740 /* We do not store received flowlabel for TCP */
1741 sin6->sin6_flowinfo = 0;
1742 sin6->sin6_scope_id = 0;
1743 if (sk->bound_dev_if && ipv6_addr_type(&sin6->sin6_addr)&IPV6_ADDR_LINKLOCAL)
1744 sin6->sin6_scope_id = sk->bound_dev_if;
1745 }
1746
1747 static int tcp_v6_remember_stamp(struct sock *sk)
1748 {
1749 /* Alas, not yet... */
1750 return 0;
1751 }
1752
1753 static struct tcp_func ipv6_specific = {
1754 tcp_v6_xmit,
1755 tcp_v6_send_check,
1756 tcp_v6_rebuild_header,
1757 tcp_v6_conn_request,
1758 tcp_v6_syn_recv_sock,
1759 tcp_v6_hash_connecting,
1760 tcp_v6_remember_stamp,
1761 sizeof(struct ipv6hdr),
1762
1763 ipv6_setsockopt,
1764 ipv6_getsockopt,
1765 v6_addr2sockaddr,
1766 sizeof(struct sockaddr_in6)
1767 };
1768
1769 /*
1770 * TCP over IPv4 via INET6 API
1771 */
1772
1773 static struct tcp_func ipv6_mapped = {
1774 ip_queue_xmit,
1775 tcp_v4_send_check,
1776 tcp_v4_rebuild_header,
1777 tcp_v6_conn_request,
1778 tcp_v6_syn_recv_sock,
1779 tcp_v4_hash_connecting,
1780 tcp_v4_remember_stamp,
1781 sizeof(struct iphdr),
1782
1783 ipv6_setsockopt,
1784 ipv6_getsockopt,
1785 v6_addr2sockaddr,
1786 sizeof(struct sockaddr_in6)
1787 };
1788
1789
1790
1791 /* NOTE: A lot of things set to zero explicitly by call to
1792 * sk_alloc() so need not be done here.
1793 */
1794 static int tcp_v6_init_sock(struct sock *sk)
1795 {
1796 struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);
1797
1798 skb_queue_head_init(&tp->out_of_order_queue);
1799 tcp_init_xmit_timers(sk);
1800 tcp_prequeue_init(tp);
1801
1802 tp->rto = TCP_TIMEOUT_INIT;
1803 tp->mdev = TCP_TIMEOUT_INIT;
1804
1805 /* So many TCP implementations out there (incorrectly) count the
1806 * initial SYN frame in their delayed-ACK and congestion control
1807 * algorithms that we must have the following bandaid to talk
1808 * efficiently to them. -DaveM
1809 */
1810 tp->snd_cwnd = 2;
1811
1812 /* See draft-stevens-tcpca-spec-01 for discussion of the
1813 * initialization of these values.
1814 */
1815 tp->snd_ssthresh = 0x7fffffff;
1816 tp->snd_cwnd_clamp = ~0;
1817 tp->mss_cache = 536;
1818
1819 tp->reordering = sysctl_tcp_reordering;
1820
1821 sk->state = TCP_CLOSE;
1822
1823 sk->tp_pinfo.af_tcp.af_specific = &ipv6_specific;
1824
1825 sk->write_space = tcp_write_space;
1826 sk->use_write_queue = 1;
1827
1828 sk->sndbuf = sysctl_tcp_wmem[1];
1829 sk->rcvbuf = sysctl_tcp_rmem[1];
1830
1831 atomic_inc(&tcp_sockets_allocated);
1832
1833 return 0;
1834 }
1835
1836 static int tcp_v6_destroy_sock(struct sock *sk)
1837 {
1838 struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);
1839
1840 tcp_clear_xmit_timers(sk);
1841
1842 /* Cleanup up the write buffer. */
1843 tcp_writequeue_purge(sk);
1844
1845 /* Cleans up our, hopefully empty, out_of_order_queue. */
1846 __skb_queue_purge(&tp->out_of_order_queue);
1847
1848 /* Clean prequeue, it must be empty really */
1849 __skb_queue_purge(&tp->ucopy.prequeue);
1850
1851 /* Clean up a referenced TCP bind bucket. */
1852 if(sk->prev != NULL)
1853 tcp_put_port(sk);
1854
1855 /* If sendmsg cached page exists, toss it. */
1856 if (tp->sndmsg_page != NULL)
1857 __free_page(tp->sndmsg_page);
1858
1859 atomic_dec(&tcp_sockets_allocated);
1860
1861 return inet6_destroy_sock(sk);
1862 }
1863
1864 /* Proc filesystem TCPv6 sock list dumping. */
1865 static void get_openreq6(struct sock *sk, struct open_request *req, char *tmpbuf, int i, int uid)
1866 {
1867 struct in6_addr *dest, *src;
1868 int ttd = req->expires - jiffies;
1869
1870 if (ttd < 0)
1871 ttd = 0;
1872
1873 src = &req->af.v6_req.loc_addr;
1874 dest = &req->af.v6_req.rmt_addr;
1875 sprintf(tmpbuf,
1876 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1877 "%02X %08X:%08X %02X:%08X %08X %5d %8d %d %d %p",
1878 i,
1879 src->s6_addr32[0], src->s6_addr32[1],
1880 src->s6_addr32[2], src->s6_addr32[3],
1881 ntohs(sk->sport),
1882 dest->s6_addr32[0], dest->s6_addr32[1],
1883 dest->s6_addr32[2], dest->s6_addr32[3],
1884 ntohs(req->rmt_port),
1885 TCP_SYN_RECV,
1886 0,0, /* could print option size, but that is af dependent. */
1887 1, /* timers active (only the expire timer) */
1888 ttd,
1889 req->retrans,
1890 uid,
1891 0, /* non standard timer */
1892 0, /* open_requests have no inode */
1893 0, req);
1894 }
1895
1896 static void get_tcp6_sock(struct sock *sp, char *tmpbuf, int i)
1897 {
1898 struct in6_addr *dest, *src;
1899 __u16 destp, srcp;
1900 int timer_active;
1901 unsigned long timer_expires;
1902 struct tcp_opt *tp = &sp->tp_pinfo.af_tcp;
1903
1904 dest = &sp->net_pinfo.af_inet6.daddr;
1905 src = &sp->net_pinfo.af_inet6.rcv_saddr;
1906 destp = ntohs(sp->dport);
1907 srcp = ntohs(sp->sport);
1908 if (tp->pending == TCP_TIME_RETRANS) {
1909 timer_active = 1;
1910 timer_expires = tp->timeout;
1911 } else if (tp->pending == TCP_TIME_PROBE0) {
1912 timer_active = 4;
1913 timer_expires = tp->timeout;
1914 } else if (timer_pending(&sp->timer)) {
1915 timer_active = 2;
1916 timer_expires = sp->timer.expires;
1917 } else {
1918 timer_active = 0;
1919 timer_expires = jiffies;
1920 }
1921
1922 sprintf(tmpbuf,
1923 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1924 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d",
1925 i,
1926 src->s6_addr32[0], src->s6_addr32[1],
1927 src->s6_addr32[2], src->s6_addr32[3], srcp,
1928 dest->s6_addr32[0], dest->s6_addr32[1],
1929 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1930 sp->state,
1931 tp->write_seq-tp->snd_una, tp->rcv_nxt-tp->copied_seq,
1932 timer_active, timer_expires-jiffies,
1933 tp->retransmits,
1934 sock_i_uid(sp),
1935 tp->probes_out,
1936 sock_i_ino(sp),
1937 atomic_read(&sp->refcnt), sp,
1938 tp->rto, tp->ack.ato, (tp->ack.quick<<1)|tp->ack.pingpong,
1939 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
1940 );
1941 }
1942
1943 static void get_timewait6_sock(struct tcp_tw_bucket *tw, char *tmpbuf, int i)
1944 {
1945 struct in6_addr *dest, *src;
1946 __u16 destp, srcp;
1947 int ttd = tw->ttd - jiffies;
1948
1949 if (ttd < 0)
1950 ttd = 0;
1951
1952 dest = &tw->v6_daddr;
1953 src = &tw->v6_rcv_saddr;
1954 destp = ntohs(tw->dport);
1955 srcp = ntohs(tw->sport);
1956
1957 sprintf(tmpbuf,
1958 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1959 "%02X %08X:%08X %02X:%08X %08X %5d %8d %d %d %p",
1960 i,
1961 src->s6_addr32[0], src->s6_addr32[1],
1962 src->s6_addr32[2], src->s6_addr32[3], srcp,
1963 dest->s6_addr32[0], dest->s6_addr32[1],
1964 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1965 tw->substate, 0, 0,
1966 3, ttd, 0, 0, 0, 0,
1967 atomic_read(&tw->refcnt), tw);
1968 }
1969
1970 #define LINE_LEN 190
1971 #define LINE_FMT "%-190s\n"
1972
1973 int tcp6_get_info(char *buffer, char **start, off_t offset, int length)
1974 {
1975 int len = 0, num = 0, i;
1976 off_t begin, pos = 0;
1977 char tmpbuf[LINE_LEN+2];
1978
1979 if (offset < LINE_LEN+1)
1980 len += sprintf(buffer, LINE_FMT,
1981 " sl " /* 6 */
1982 "local_address " /* 38 */
1983 "remote_address " /* 38 */
1984 "st tx_queue rx_queue tr tm->when retrnsmt" /* 41 */
1985 " uid timeout inode"); /* 21 */
1986 /*----*/
1987 /*144 */
1988
1989 pos = LINE_LEN+1;
1990
1991 /* First, walk listening socket table. */
1992 tcp_listen_lock();
1993 for(i = 0; i < TCP_LHTABLE_SIZE; i++) {
1994 struct sock *sk = tcp_listening_hash[i];
1995 struct tcp_listen_opt *lopt;
1996 int k;
1997
1998 for (sk = tcp_listening_hash[i]; sk; sk = sk->next, num++) {
1999 struct open_request *req;
2000 int uid;
2001 struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);
2002
2003 if (sk->family != PF_INET6)
2004 continue;
2005 pos += LINE_LEN+1;
2006 if (pos >= offset) {
2007 get_tcp6_sock(sk, tmpbuf, num);
2008 len += sprintf(buffer+len, LINE_FMT, tmpbuf);
2009 if (pos >= offset + length) {
2010 tcp_listen_unlock();
2011 goto out_no_bh;
2012 }
2013 }
2014
2015 uid = sock_i_uid(sk);
2016 read_lock_bh(&tp->syn_wait_lock);
2017 lopt = tp->listen_opt;
2018 if (lopt && lopt->qlen != 0) {
2019 for (k=0; k<TCP_SYNQ_HSIZE; k++) {
2020 for (req = lopt->syn_table[k]; req; req = req->dl_next, num++) {
2021 if (req->class->family != PF_INET6)
2022 continue;
2023 pos += LINE_LEN+1;
2024 if (pos <= offset)
2025 continue;
2026 get_openreq6(sk, req, tmpbuf, num, uid);
2027 len += sprintf(buffer+len, LINE_FMT, tmpbuf);
2028 if (pos >= offset + length) {
2029 read_unlock_bh(&tp->syn_wait_lock);
2030 tcp_listen_unlock();
2031 goto out_no_bh;
2032 }
2033 }
2034 }
2035 }
2036 read_unlock_bh(&tp->syn_wait_lock);
2037
2038 /* Completed requests are in normal socket hash table */
2039 }
2040 }
2041 tcp_listen_unlock();
2042
2043 local_bh_disable();
2044
2045 /* Next, walk established hash chain. */
2046 for (i = 0; i < tcp_ehash_size; i++) {
2047 struct tcp_ehash_bucket *head = &tcp_ehash[i];
2048 struct sock *sk;
2049 struct tcp_tw_bucket *tw;
2050
2051 read_lock(&head->lock);
2052 for(sk = head->chain; sk; sk = sk->next, num++) {
2053 if (sk->family != PF_INET6)
2054 continue;
2055 pos += LINE_LEN+1;
2056 if (pos <= offset)
2057 continue;
2058 get_tcp6_sock(sk, tmpbuf, num);
2059 len += sprintf(buffer+len, LINE_FMT, tmpbuf);
2060 if (pos >= offset + length) {
2061 read_unlock(&head->lock);
2062 goto out;
2063 }
2064 }
2065 for (tw = (struct tcp_tw_bucket *)tcp_ehash[i+tcp_ehash_size].chain;
2066 tw != NULL;
2067 tw = (struct tcp_tw_bucket *)tw->next, num++) {
2068 if (tw->family != PF_INET6)
2069 continue;
2070 pos += LINE_LEN+1;
2071 if (pos <= offset)
2072 continue;
2073 get_timewait6_sock(tw, tmpbuf, num);
2074 len += sprintf(buffer+len, LINE_FMT, tmpbuf);
2075 if (pos >= offset + length) {
2076 read_unlock(&head->lock);
2077 goto out;
2078 }
2079 }
2080 read_unlock(&head->lock);
2081 }
2082
2083 out:
2084 local_bh_enable();
2085 out_no_bh:
2086
2087 begin = len - (pos - offset);
2088 *start = buffer + begin;
2089 len -= begin;
2090 if (len > length)
2091 len = length;
2092 if (len < 0)
2093 len = 0;
2094 return len;
2095 }
2096
2097 struct proto tcpv6_prot = {
2098 name: "TCPv6",
2099 close: tcp_close,
2100 connect: tcp_v6_connect,
2101 disconnect: tcp_disconnect,
2102 accept: tcp_accept,
2103 ioctl: tcp_ioctl,
2104 init: tcp_v6_init_sock,
2105 destroy: tcp_v6_destroy_sock,
2106 shutdown: tcp_shutdown,
2107 setsockopt: tcp_setsockopt,
2108 getsockopt: tcp_getsockopt,
2109 sendmsg: tcp_sendmsg,
2110 recvmsg: tcp_recvmsg,
2111 backlog_rcv: tcp_v6_do_rcv,
2112 hash: tcp_v6_hash,
2113 unhash: tcp_unhash,
2114 get_port: tcp_v6_get_port,
2115 };
2116
2117 static struct inet6_protocol tcpv6_protocol =
2118 {
2119 tcp_v6_rcv, /* TCP handler */
2120 tcp_v6_err, /* TCP error control */
2121 NULL, /* next */
2122 IPPROTO_TCP, /* protocol ID */
2123 0, /* copy */
2124 NULL, /* data */
2125 "TCPv6" /* name */
2126 };
2127
2128 extern struct proto_ops inet6_stream_ops;
2129
2130 static struct inet_protosw tcpv6_protosw = {
2131 type: SOCK_STREAM,
2132 protocol: IPPROTO_TCP,
2133 prot: &tcpv6_prot,
2134 ops: &inet6_stream_ops,
2135 capability: -1,
2136 no_check: 0,
2137 flags: INET_PROTOSW_PERMANENT,
2138 };
2139
2140 void __init tcpv6_init(void)
2141 {
2142 /* register inet6 protocol */
2143 inet6_add_protocol(&tcpv6_protocol);
2144 inet6_register_protosw(&tcpv6_protosw);
2145 }
2146